CLEVELAND, Feb. 6, 2014 /PRNewswire/ -- Earlier this week, the Senate Judiciary Committee held a hearing on retail security with Target's Chief Financial Officer John Mulligan, where he apologized for the massive data breach that occurred over the holiday shopping season.

Mulligan also offered up a "solution" to the problem saying, "We believe that chip-enabled technologies are critical to providing enhanced protection for consumers."

For many unfamiliar with the intricacies of information security, it sounds like EMV is the silver bullet we have been looking for. It's not.

SecureState, a management consulting firm specializing in information security, contends that EMV may have potentially prevented 40 million credit cards from being compromised, but the 70 million records would have still be leaked. The personally identifiable information (PII) of consumers would still be out there, because Payment Card Industry Data Security Standards (PCI-DSS) and EMV are only there to protect cardholder data and nothing else.

Many are calling for federal involvement, but SecureState CEO Ken Stasiak says that would only compound the problem.

"Take the Health Information Portability and Accountability Act enacted in 1996. Until 2010, no health provider was audited for their compliance to HIPAA," Stasiak said. "In fact, as of today most healthcare providers are self-certified as HIPAA compliant. So does a federal mandate help security in the private sector? The answer is no."